Viralfy.aiBack

Privacy Policy

Last updated: 12/6/2025

1. Introduction

Viralfy.ai respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, store and protect your information when you use our platform.

2. Information We Collect

2.1 Account Information

  • Name and email address (via Google OAuth or Facebook Login)
  • Profile picture (via Google OAuth or Facebook Login)
  • Subscription and payment information

2.2 Usage Data

  • AI-generated content
  • Tool usage history
  • Preferences and settings
  • Access and activity logs

2.3 Instagram/Facebook/TikTok Data (when connected)

When you connect your Instagram, Facebook or TikTok accounts, we collect:

  • Profile information (username, bio, profile picture, follower count)
  • List of Facebook pages you manage
  • Post metrics (likes, comments, shares, saves)
  • Reach and impressions data
  • Audience demographics (aggregated age, gender, location data)
  • Post history for performance analysis
  • Engagement data by content type
  • TikTok video statistics (views, likes, comments, shares)

Nota: Note: This data is collected only with your express authorization and can be revoked at any time.

2.4 Technical Information

  • IP address
  • Browser type and device
  • Operating system
  • Cookie and session data

3. How We Use Your Information

3.1 General Data Use

  • Provide and maintain our services
  • Process payments and manage subscriptions
  • Personalize your platform experience
  • Send important service communications
  • Improve our AI algorithms
  • Detect and prevent fraud
  • Comply with legal obligations

3.2 Specific Use of Instagram/Facebook/TikTok Data

Data accessed through Instagram, Facebook and TikTok APIs is used exclusively for:

  • Automated Publishing: Publish content created on the platform to your connected accounts as scheduled
  • Performance Analysis: Collect and present engagement metrics from your posts (likes, comments, reach)
  • Content Optimization: Suggest better posting times and content types based on historical data
  • Custom Reports: Generate performance and audience growth reports
  • Multi-Account Management: Facilitate management of multiple accounts/pages from a centralized dashboard
  • Data Synchronization: Keep information about your connected accounts up to date
  • Video Upload and Publishing: Upload and publish videos directly to TikTok

Importante: Important: We do not use your Instagram/Facebook/TikTok data for any purpose other than those explicitly described above and for which you have given consent.

4. Data Sharing

We do not sell your personal data. We may share information only in the following situations:

  • Service Providers: Google (authentication), Facebook (authentication), Stripe (payments), OpenAI (AI processing)
  • Legal Requirements: When necessary to comply with laws or regulations
  • Rights Protection: To protect our rights, property or safety
  • Consent: With your express authorization

5. Authentication and API Providers

5.1 Google OAuth 2.0

When you log in with your Google account, we use Google OAuth 2.0 service for secure authentication. The following information is collected:

  • Full name as registered in Google account
  • Primary email address from Google account
  • Google account profile picture (if available)
  • Unique Google user ID (for identification)

Google Privacy Policy: For more information on how Google handles your data, see Google's Privacy Policy.: Google Privacy Policy.

5.2 Facebook Login and APIs

When you log in with your Facebook account, we use Facebook Login for authentication. The following information is collected:

  • Name as registered in Facebook account
  • Email address associated with Facebook account
  • Facebook account profile picture (if available)
  • Unique Facebook user ID (for identification)

Facebook Data Policy: For more information on how Facebook handles your data, see Facebook's Privacy Policy.: Facebook Privacy Policy.

5.3 Instagram, Facebook and TikTok APIs for Publishing

For users who connect their Instagram Business accounts, Facebook pages or TikTok, we use the following APIs and permissions to provide our content scheduling and publishing services:

Requested Permissions:

  • instagram_content_publish: To publish photos, videos and stories to Instagram on your behalf
  • instagram_manage_insights: To access performance metrics from your posts
  • instagram_basic: To access basic Instagram account information
  • pages_manage_posts: To publish to connected Facebook pages
  • pages_show_list: To list your Facebook pages
  • pages_read_engagement: To read page engagement metrics
  • business_management: To access connected business accounts
  • user.info.basic: To access basic TikTok account information
  • video.upload: To upload videos to TikTok (requires approval)
  • video.publish: To publish videos to TikTok (requires approval)

Data Accessed:

  • Basic Instagram account information (username, profile picture, follower count)
  • List of Facebook pages you manage
  • Published post metrics (likes, comments, shares, reach, impressions)
  • Audience demographic data (age, gender, location) - aggregated data only
  • Post history for performance analysis
  • Basic TikTok account information (username, profile picture, follower count)
  • TikTok video statistics (views, likes, comments, shares)

Purpose of Use:

  • Scheduling and Publishing: Automatically publish content created on the platform to your accounts
  • Performance Analysis: Provide metrics and insights about your post engagement
  • Content Optimization: Suggest improvements based on performance history
  • Multi-Account Management: Allow centralized management of multiple accounts/pages
  • Reports and Analytics: Generate performance reports for analysis
  • Video Upload: Upload and publish videos directly to TikTok
  • Privacy Management: Configure privacy levels for TikTok publications

Control and Revocation:

  • You can revoke these permissions at any time in your Facebook/Instagram/TikTok account settings
  • You can also disconnect your accounts in our platform settings
  • After revocation, we can no longer access or publish to your accounts
  • Already collected data will be retained according to our retention policy, unless you request deletion

Importante: Important: These permissions are only requested when you choose to connect your Instagram/Facebook/TikTok accounts to use our publishing and analytics features. You maintain full control over your accounts and can revoke these permissions at any time.

5.4 TikTok Login and APIs

When you connect your TikTok account, we use the TikTok Login Kit for authentication. The following information is collected:

  • Name as registered in TikTok account
  • TikTok account username
  • TikTok profile picture (if available)
  • Unique TikTok user ID (for identification)
  • Number of followers and following
  • Basic account statistics

TikTok Data Policy: For more information on how TikTok handles your data, see TikTok's Privacy Policy.: TikTok Privacy Policy.

5.5 Authentication Security

  • We do not store your Google or Facebook login credentials (password)
  • We only use secure access tokens provided by the providers
  • Authentication is encrypted using HTTPS/TLS protocols
  • You can revoke access at any time in your Google or Facebook account settings
  • Access tokens are stored securely and encrypted
  • We implement automatic token renewal when necessary

6. Storage and Security

6.1 Storage

Your data is stored on secure Google Firebase servers, located in certified data centers. We keep your data only for as long as necessary to provide our services.

6.2 Instagram/Facebook/TikTok Data Retention

For data obtained through Instagram, Facebook and TikTok APIs, we follow specific retention policies:

  • Profile Data: Maintained while your account is active on our platform
  • Metrics and Insights: Retained for up to 2 years for historical analysis and reports
  • Access Tokens: Automatically renewed as needed, or deleted if revoked
  • Published Content: References are kept for history, but content remains in your original accounts
  • Automatic Deletion: Data is automatically deleted when you disconnect your accounts or request deletion
  • Legal Compliance: Data may be retained for longer periods if required by law
  • TikTok Videos: Video files are temporarily processed and deleted after publication

6.3 Security

  • Data encryption in transit and at rest
  • Secure OAuth2 authentication with Google and Facebook
  • Continuous security monitoring
  • Restricted access to personal data
  • Secure storage of access tokens with automatic rotation
  • Audit logs for all data operations

7. Your Rights (LGPD)

In accordance with the General Data Protection Law (LGPD), you have the following rights:

  • Access: Know what personal data we have about you
  • Correction: Correct incomplete, inaccurate or outdated data
  • Deletion: Request deletion of unnecessary data
  • Portability: Receive your data in structured format
  • Opposition: Object to the processing of your data
  • Information: Obtain information about data processing

How to Exercise Your Rights

To exercise any of the above rights, especially related to data obtained from Instagram/Facebook/TikTok:

  • Via Platform: Access your account settings and manage your connections
  • Email Request: Send a request to privacidade@viralfy.ai
  • Direct Revocation: Remove permissions in Facebook/Instagram/TikTok settings
  • Response Time: We will respond within 15 business days

Instagram/Facebook/TikTok Data Deletion: When you request deletion or disconnect your accounts, all related data is permanently removed within 30 days.

8. Cookies and Similar Technologies

We use essential cookies for platform functionality, including authentication and user preferences. We do not use third-party cookies for tracking or advertising.

9. Minors

Our services are intended for users over 18 years old. We do not intentionally collect data from minors. If we become aware of data from minors, we will delete it immediately.

10. Changes to this Policy

We may update this policy periodically. Significant changes will be communicated by email and through the platform. The date of the last update will always be indicated at the top of this page.

11. Contact

To exercise your rights, clarify doubts or make complaints about this policy, contact us:

  • Email: contato@viralfy.ai
  • Data Protection Officer: contato@viralfy.ai

Specific Instagram/Facebook/TikTok Requests

For issues related to data obtained from Instagram, Facebook or TikTok, including:

  • Deletion of social media connection data
  • API permission revocation
  • Questions about collected metrics
  • Data portability requests
  • Deletion of temporarily processed videos

Guaranteed Response: All requests are answered within 15 business days, as required by LGPD.

Back to Login